US11228651B2 · Active · Utility · PatentIndex 72

Path validation and performance assurance for distributed network endpoints

Assignee: CISCO TECH INC
Priority: Sep 3, 2019
Filed: Sep 3, 2019
Granted: Jan 18, 2022
Est. expiry: Sep 3, 2039 (~13.2 yrs left) · nominal 20-yr term from priority
Inventors: WARNICKE EDWARD A; NAINAR NAGENDRA KUMAR; PIGNATARO CARLOS M; ASATI RAJIV
Classifications: H04L 67/51, H04L 67/141, H04L 67/10, H04L 41/5051, H04L 41/5009, H04L 43/10, H04L 67/16
PatentIndex Score: 72
Cited by: 4
References: 29
Claims: 20

Abstract

Techniques for network validation are provided. A first request is received at a first manager component, from a first client. The first client and the first manager component are on a first node of a plurality of nodes, and the first request specifies a desired network service. A first network service endpoint that is capable of providing the desired network service is identified, where the first network service endpoint is on a second node of the plurality of nodes. A connection is established between a first validation agent on the first node and a second validation agent on the second node. Finally, upon determining that the connection between the first and second validation agents satisfies predefined criteria, a connection is established between the first client and the first network service endpoint.
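The gating logic the abstract describes, as an added Python sketch that is not taken from the patent or from any Cisco implementation: agent-to-agent probe results are checked against the criteria before any client connection is allowed, and an endpoint with no passing path is skipped. The `Criteria` fields, endpoint and path names, and probe values are assumptions constructed for illustration; keeping only passing paths as alternates is a choice made here.

```python
from dataclasses import dataclass
from statistics import mean

@dataclass(frozen=True)
class Criteria:                      # hypothetical form of the "predefined criteria"
    max_avg_rtt_ms: float
    max_loss: float

def path_ok(rtts, criteria):
    """rtts holds one entry per probe packet; None marks a lost probe."""
    if not rtts:
        return False                 # no probe evidence: fail closed
    answered = [r for r in rtts if r is not None]
    loss = 1 - len(answered) / len(rtts)
    if not answered or loss > criteria.max_loss:
        return False
    return mean(answered) <= criteria.max_avg_rtt_ms

def select_endpoint(candidates, probe_results, criteria):
    """Return (endpoint, primary_path, alternates), or None if nothing passes.

    candidates: endpoints in the order the service registry listed them.
    probe_results: {endpoint: {path_id: [rtt_ms or None, ...]}} measured
    between the validation agents, before any client traffic flows.
    """
    for ep in candidates:
        paths = probe_results.get(ep, {})
        good = sorted(
            (p for p, r in paths.items() if path_ok(r, criteria)),
            key=lambda p: mean(x for x in paths[p] if x is not None),
        )
        if good:
            return ep, good[0], good[1:]   # client connection may be set up
        # no validated path: refrain from connecting the client to this endpoint
    return None

# Constructed sample probe data (not from the patent).
PROBES = {
    "nse-a@node2": {"path-1": [40.0, None, None, 42.0]},        # 50% loss
    "nse-b@node3": {
        "path-1": [9.0, 11.0, 10.0, 10.0],
        "path-2": [4.0, 5.0, 6.0, 5.0],
        "path-3": [80.0, 90.0, 85.0, 95.0],                     # too slow
    },
}
CRITERIA = Criteria(max_avg_rtt_ms=20.0, max_loss=0.25)

if __name__ == "__main__":
    print(select_endpoint(["nse-a@node2", "nse-b@node3"], PROBES, CRITERIA))
```
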

Claims

exact text as granted — not AI-modified
We claim: 
     
       1. A method comprising:
 receiving, at a first manager component, a first request from a first client, wherein the first client and the first manager component are on a first node of a plurality of nodes, and wherein the first request specifies a desired network service; 
 identifying a first network service endpoint that is capable of providing the desired network service, wherein the first network service endpoint is on a second node of the plurality of nodes; 
 establishing a first connection between a first validation agent on the first node and a second validation agent on the second node, wherein the first validation agent transmits one or more probe packets to the second validation agent via the first connection; and 
 upon determining, based on the one or more probe packets, that the first connection between the first and second validation agents satisfies predefined criteria, establishing a second connection between the first client and the first network service endpoint. 
 
     
     
       2. The method of claim 1, wherein establishing the first connection between the first validation agent and the second validation agent comprises:
 transmitting, to a second manager component on the second node, a second request to establish the second connection between the first client and the first network service endpoint, wherein the second request indicates that the second connection should be validated before use. 
 
     
     
       3. The method of claim 2, wherein, upon receiving the second request, the second manager component creates and injects an interface to the second validation agent, and wherein the second request further specifies a set of parameters to gather about the first connection between the first and second validation agents.
     
     
       4. The method of claim 2, wherein establishing the second connection between the first client and the first network service endpoint comprises:
 creating and injecting a first interface to the first client; and 
 instructing the second manager component to create and inject a second interface to the first network service endpoint. 
 
     
     
       5. The method of claim 1, the method further comprising:
 injecting, into a pod containing the first client, a validation application, wherein the validation application transmits probe packets to the first network service endpoint via the second connection between the first client and the first network service endpoint; and 
 upon determining, based on the probe packets, that the second connection between the first client and the first network service endpoint does not satisfy the predefined criteria, establishing a third connection between the first client and a second network service endpoint. 
 
     
     
       6. The method of claim 1, the method further comprising:
 determining that there is a plurality of paths between the first node and the second node; 
 establishing a plurality of connections between the first validation agent and the second validation agent, wherein each of the plurality of connections corresponds to a path in the plurality of paths; 
 selecting a first path of the plurality of connections to use for the second connection between the first client and the first network service endpoint; and 
 reserving the plurality of paths as alternatives for the first path. 
 
     
     
       7. The method of claim 6, the method further comprising:
 upon determining that the second connection between the first client and the first network service endpoint no longer satisfies the predefined criteria, selecting a second path of the plurality of paths to be used for the second connection between the first client and the first network service endpoint. 
 
     
     
       8. The method of claim 1, the method further comprising:
 identifying a second network service endpoint that can provide the desired network service, wherein the second network service endpoint is on a third node of the plurality of nodes; 
 establishing a third connection between the first validation agent and a third validation agent on the third node; and 
 upon determining that the third connection between the first and third validation agents does not satisfy the predefined criteria, refraining from establishing a fourth connection between the first client and the second network service endpoint. 
 
     
     
       9. The method of claim 1, wherein identifying the first network service endpoint comprises:
 transmitting a second request specifying the desired network service to a network service server; and 
 receiving a list of network service endpoints that are capable of providing the desired network service. 
 
     
     
       10. A non-transitory computer-readable storage medium having computer-readable program code embodied therewith, the computer-readable program code executable by one or more computer processors to perform an operation comprising:
 receiving, at a first manager component, a first request from a first client, wherein the first client and the first manager component are on a first node of a plurality of nodes, and wherein the first request specifies a desired network service; 
 identifying a first network service endpoint that is capable of providing the desired network service, wherein the first network service endpoint is on a second node of the plurality of nodes; 
 establishing a first connection between a first validation agent on the first node and a second validation agent on the second node, wherein the first validation agent transmits one or more probe packets to the second validation agent via the first connection; and 
 upon determining, based on the one or more probe packets, that the first connection between the first and second validation agents satisfies predefined criteria, establishing a second connection between the first client and the first network service endpoint. 
 
     
     
       11. The non-transitory computer-readable storage medium of claim 10, wherein establishing the first connection between the first validation agent and the second validation agent comprises:
 transmitting, to a second manager component on the second node, a second request to establish the second connection between the first client and the first network service endpoint, wherein the second request indicates that the second connection should be validated before use. 
 
     
     
       12. The non-transitory computer-readable storage medium of claim 11, wherein establishing the second connection between the first client and the first network service endpoint comprises:
 creating and injecting a first interface to the first client; and 
 instructing the second manager component to create and inject a second interface to the first network service endpoint. 
 
     
     
       13. The non-transitory computer-readable storage medium of claim 10, the operation further comprising:
 injecting, into a pod containing the first client, a validation application, wherein the validation application transmits probe packets to the first network service endpoint via the second connection between the first client and the first network service endpoint; and 
 upon determining, based on the probe packets, that the second connection between the first client and the first network service endpoint does not satisfy the predefined criteria, establishing a third connection between the first client and a second network service endpoint. 
 
     
     
       14. The non-transitory computer-readable storage medium of claim 10, the operation further comprising:
 determining that there is a plurality of paths between the first node and the second node; 
 establishing a plurality of connections between the first validation agent and the second validation agent, wherein each of the plurality of connections corresponds to a path in the plurality of paths; 
 selecting a first path of the plurality of connections to use for the second connection between the first client and the first network service endpoint; and 
 reserving the plurality of paths as alternatives for the first path. 
 
     
     
       15. The non-transitory computer-readable storage medium of claim 10, the operation further comprising:
 identifying a second network service endpoint that can provide the desired network service, wherein the second network service endpoint is on a third node of the plurality of nodes; 
 establishing a third connection between the first validation agent and a third validation agent on the third node; and 
 upon determining that the third connection between the first and third validation agents does not satisfy the predefined criteria, refraining from establishing a fourth connection between the first client and the second network service endpoint. 
 
     
     
       16. A system comprising:
 one or more computer processors; and 
 a memory containing a program which when executed by the one or more computer processors performs an operation, the operation comprising:
 receiving, at a first manager component, a first request from a first client, wherein the first client and the first manager component are on a first node of a plurality of nodes, and wherein the first request specifies a desired network service; 
 identifying a first network service endpoint that is capable of providing the desired network service, wherein the first network service endpoint is on a second node of the plurality of nodes; 
 establishing a first connection between a first validation agent on the first node and a second validation agent on the second node, wherein the first validation agent transmits one or more probe packets to the second validation agent via the first connection; and 
 upon determining, based on the one or more probe packets, that the first connection between the first and second validation agents satisfies predefined criteria, establishing a second connection between the first client and the first network service endpoint. 
 
 
     
     
       17. The system of claim 16, wherein establishing the first connection between the first validation agent and the second validation agent comprises:
 transmitting, to a second manager component on the second node, a second request to establish the second connection between the first client and the first network service endpoint, wherein the second request indicates that the second connection should be validated before use. 
 
     
     
       18. The system of claim 17, wherein establishing the second connection between the first client and the first network service endpoint comprises:
 creating and injecting a first interface to the first client; and 
 instructing the second manager component to create and inject a second interface to the first network service endpoint. 
 
     
     
       19. The system of claim 16, the operation further comprising:
 injecting, into a pod containing the first client, a validation application, wherein the validation application transmits probe packets to the first network service endpoint via the second connection between the first client and the first network service endpoint; and 
 upon determining, based on the probe packets, that the second connection between the first client and the first network service endpoint does not satisfy the predefined criteria, establishing a third connection between the first client and a second network service endpoint. 
 
     
     
       20. The system of claim 16, the operation further comprising:
 determining that there is a plurality of paths between the first node and the second node; 
 establishing a plurality of connections between the first validation agent and the second validation agent, wherein each of the plurality of connections corresponds to a path in the plurality of paths; 
 selecting a first path of the plurality of connections to use for the second connection between the first client and the first network service endpoint; and 
 reserving the plurality of paths as alternatives for the first path.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.